Slashdot Mirror


Cyber-Espionage Group Uses Chrome Extension To Infect Victims (zdnet.com)

In what appears to be a first on the cyber-espionage scene, a nation-state-backed hacking group has used a Google Chrome extension to infect victims and steal passwords and cookies from their browsers. From a report: This is the first time an APT (Advanced Persistent Threat -- an industry term for nation-state hacking groups) has been seen (ab)using a Chrome extension, albeit it's not the first time one has used a browser extension, as the Russian-linked Turla APT previously used a Firefox add-on in 2015. A report that's going to be published later today by the ASERT team at Netscout reveals the details of a spear-phishing campaign that's been pushing a malicious Chrome extension since at least May 2018.

Hackers used spear-phishing emails to lure victims to websites copied from legitimate academic organizations. These phishing sites, now down, showed a benign PDF document but prevented users from viewing it, redirecting victims to the official Chrome Web Store page to install a (now removed) Chrome extension named Auto Font Manager.

25 comments

  1. APK can fix this by Anonymous Coward · · Score: 0

    Unless he is hosting some penetration if you know what I mean

    1. Re:APK can fix this by Anonymous Coward · · Score: 0

      I came here only to see APK's reaction to bad apps from the good app store that everyone uses for apps.

  2. THERE WILL BE CONSEQUENCES NAZI FAGGOT KEN DOLL by Anonymous Coward · · Score: 0

    THERE WILL BE CONSEQUENCES FOR YOUR LIES NAZI FAGGOT KEN DOLL

    Filter error: Don't use so many caps. It's like YELLING. Filter error:

  3. Who gives a shit? by Anonymous Coward · · Score: 0

    Go fuck yourselves, stupid cunts.

  4. Re: THERE WILL BE CONSEQUENCES NAZI FAGGOT KEN DOL by Anonymous Coward · · Score: 0

    You're a nazi faggot ken doll. And so is your mother.

  5. When a product by AHuxley · · Score: 1

    is made totally safe for ads then malware just has to look like an approved service :)
    Good security can't keep allowing approved ads in and still keep a user safe.

    When building a great new OS, browser keep security in mind, not how to keep access for ads.

    --
    Domestic spying is now "Benign Information Gathering"

  6. Re:Moscow Donald's Campaign Manager is IN PRISON by Anonymous Coward · · Score: 0

    Sure buddy

  7. it wuz haxx0rz by Anonymous Coward · · Score: 0

    wif de hax, in ur br0ws4r. URA HAXX0RED NA0!!!1!

  8. Re: Moscow Donald's Campaign Manager is IN PRISON by Anonymous Coward · · Score: 0

    W-w-wahhhh it's unfair, how can Donald Trump be hanged for treason and his bitch beta traitor sons die in Federal Prison, soooooo unfaaaaaaaaaiiiiiir! What about the Magnitsky Act?!? How will I felate Putin now!? Manually???

    What, shirtless on horseback? Well, at least it's better than felating Donald "Toad" Drumpf...

  9. Shame on Slashdot for allowing this spam by Anonymous Coward · · Score: 0

    Whipslash and the other editors should be ashamed for allowing this spam to continue. This goes beyond a heated argument, since this spam has been ongoing for weeks. It's for the sole purpose of disrupting discussion on this site, which is why it's being posted even in articles where SuperKendall hasn't commented. Slashdot is aware of this behavior because it's blatant, highly persistent, and has been brought to their attention by flagging these posts as abuse. It is a complete and utter embarrassment that, after weeks of flagrant abuse like this, Slashdot allows it to continue unchecked. Perhaps they'll take notice when the remaining adults move on to more civilized places and only trolls are left in the comments.

  10. Comment removed by account_deleted · · Score: 1

    Comment removed based on user account deletion

  11. Are you protected yet? by Anonymous Coward · · Score: 0

    Because I think Google needs to do away with extensions entirely. The only code that Chrome needs to run is that which is approved and written by Google only. Anything less is a blatant disregard for the safety of the internet and its users everywhere.

    /sarcasm

    INB4 People who know nothing about computer security start posting the above demands.

  12. THERE WILL BE CONSEQUENCES NAZI FAGGOT KEN DOLL by Anonymous Coward · · Score: 0

    THERE WILL BE CONSEQUENCES FOR LIES NAZI FAGGOT KEN DOLL. DON'T LIKE IT? TOO LATE. THERE WILL BE CONSEQUENCES FOR YOUR ENTIRE FAMILY YOU LYING NAZI FAGGOT.

    Filter error: Don't use so many caps. It's like YELLING. Filter error: Don't use so many caps. It's like YELLING. Filter error: Don't use so many caps. It's like YELLING.

  13. Home Faraday cages will be popular... by Anonymous Coward · · Score: 0

    Maybe!? Or just a Faraday box near the front door.

  14. tainted extensions by Anonymous Coward · · Score: 0

    welcome to the new monoculture.

  15. Who wrote this summary? by Anonymous Coward · · Score: 0

    "an APT (Advanced Persistent Threat -- an industry term for nation-state hacking groups)"
    Hardly - an APT is a classification of malware, not of a hacker group.
    Looks like the author of this report doesn't know the term they are purporting to explain.

  16. I keep a Chrome account with no extensions... by Anonymous Coward · · Score: 0

    ...to log in to banks and other possibly sensitive websites. I do all my other browsing in a session containing ad blockers and whatnot, but keep the clean account for when I need to make sure nothing interferes with the operation of a webpage.

  17. Re:Yay! by Anonymous Coward · · Score: 0

    When building a great new OS, browser keep security in mind, not how to keep access for ads.

  18. For those too lazy to RTFA by helpfulcorn · · Score: 1

    The extension is "Auto Font Manager", a ridiculously stupid extension that I imagine if you are reading /., you don't have, because it was essentially always installed as a part of a scam. So don't freak out or anything, it's not any of the actually important extensions.